Proper Password Management: A big concern till today

Oct 9, 2018 | Privileged accounts , Password Policy

A recent audit on Western Australian Government has revealed that almost 1500 employees are using same password for more than six thousand five hundred accounts. From the point of view of data security, this news has raised serious concerns on the safety of thousands of sensitive information stored in the official network. The audit also disclosed that 26% of accounts across the organization has either weak or commonly used passwords which leaves the systems vulnerable to breaches or successful hacks. It is expected that trained employees would understand the seriousness of maintaining the security measures and thus pass on the knowledge to the subordinates to ensure apt security in every sphere.

In order to keep data theft risks at bay, Password management is one of the crucial components, especially for the privileged accounts. Since privileged accounts are the key doors for major confidential business information, thus cyber crooks are always finding newer ways to breach privileged accounts and take hostage of those data. In Privilege Access Management (PAM), password vaulting works as a solution for multiple access to the same accounts from different email IDS. As a result, it is very difficult to establish manual control over change of passwords. It enables enterprises to manage complex and dynamic changes along with regulatory mandates.

Proper delegation of different passwords for different accounts is very important to put an end to the chances of data theft. The length and number of characters in passwords is very crucial to maintain privacy and security of the accounts. The audit team in the above incident thus stated, “Many of these passwords comply with industry standards for password complexity and a length of at least 8 characters. This indicates that merely applying these parameters is insufficient to guard against inappropriate access to networks and systems.” Thus, its very important for the organizations, irrespective of Government and non-government, to take serious consideration for a robust password management. Unless, massive financial and reputation crisis might loom large on the organization.